LiverpoolsNo9
New Member
So I got this email from hostgator.
Code: Hello,This message is to advise you of a temporary block placed on your account. This account was found to be consuming an inordinate amount of processor time, to the point of degrading overall system performance. While we do limit each account to no more than 25% of a system's CPU in our terms of service, we do not actively disable accounts until they greatly exceed that number, which is what happened in this case. Requests to this scripts under this account may become degraded by limiting the abilty for scripts to run for a limited amount of time, or if the issue persists, we may be forced to restrict how fast processes can be spawned until the issue has been resolved.We recommend taking steps to reduce the overall CPU usage for the account, which may be as simple as generating a flat HTML page for popular content, or enabling caching that is available through many popular scripts, or disabling high CPU usage features such as searches or Ajax refreshes. Although we may not be able to help in all cases, we would be more than happy to assist if you are unable to determine any cause, or if you need help interpreting any of the information.CPU seconds used in the past hour: 3116.92999999976, 87% CPUSun May 6 03:01:02 CDT 2012Running Processes:Running Queries:Open connectionsCurrent Site Requests:58.165.105.134 spetsnazhost.com /includes/chat/jsCodeInjecter.php?url=http%3A//spetsnazhost58.165.105.134 spetsnazhost.com /includes/chat/jsCodeInjecter.php?url=http%3A//spetsnazhost75.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362816175.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362893075.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362905275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362905375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362912375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=monitor&_=13362816275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=monitor&_=13362912375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=monitor&_=13362912675.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628931997975.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628932000175.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628932001775.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628932012375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628933953275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628948475675.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629053290675.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629053298875.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629053301275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629123932475.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629124053975.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629124080575.32.237.212 spetsnazhost.com /includes/chat/chat.php75.32.237.212 spetsnazhost.com /includes/chat/chat.php75.32.237.212 spetsnazhost.com /includes/chat/chat.phpCordially, Shaun LLinux Systems AdministratorHostGator.com LLChttp://support.hostgator.comMy scripts information
chat
Code: <?/* WHMCS Addon Live Support - Provides a way for you to instantly communicate with your customers. Copyright (C) 2010-2012 WHMCS Addon This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */@error_reporting(0);@ini_set("register_globals", "off");header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1header("Expires: ".date("r")); // Date in the past//error_reporting(0);// Find WHMCS Directory// Set $pathPart to the folder to exclude from.$directoryFinder = explode("/", $_SERVER["SCRIPT_FILENAME"]);foreach($directoryFinder as $pathPart) { if ($pathPart != "") { if ($pathPart != "includes") { $dir .= "/".$pathPart; } else { $dir .= "/"; break; } }}require_once($dir."dbconnect.php");session_start();// View Messagesswitch ($_POST["action"]) { case "view": if ($_SESSION["adminid"] != "") { $uid = $_SESSION["adminid"]; $utype = 2; } elseif ($_SESSION["uid"] != "") { $uid = $_SESSION["uid"]; $utype = 1; } else { $uid = -1; $utype = 0; } $result = mysql_query("SELECT * FROM `chat_conversations` WHERE `session`='".mysql_real_escape_string($_POST["session"])."' AND `order`>=".mysql_real_escape_string($_POST["count"])." ORDER BY `order`, `timestamp` ASC;"); $numberRows = mysql_num_rows($result); $run = false; if ($numberRows > 0) { if (!isset($chat_settings)) { $result2 = mysql_query("SELECT * FROM `chat_settings`"); while($row = mysql_fetch_array($result2)) { $chat_settings[$row[0]] = $row[1]; } } mysql_free_result($result2); while($row = mysql_fetch_array($result)) { $run = true; $htmlDecode = htmlspecialchars($row["data"]); // Script Excutable if ($row["datatype"] == 1 && $row["ulevel"] == 2) { $lastCount = $row["order"]; $htmlDecode = htmlspecialchars_decode($row["data"]); $htmlDecode .= "<script>count++;</script>"; // Download } elseif ($row["datatype"] == 2) { $lastCount = $row["order"]; echo "<div class='inchat downloadFile ".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; continue; // Connected User } elseif ($row["datatype"] == 3) { $lastCount = $row["order"]; if ($uid != $row["uid"] || $utype != $row["ulevel"]) echo "<div class='inchat connectedUser ".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; continue; // Transfer } elseif ($row["datatype"] == 4) { $lastCount = $row["order"]; if ($utype == 2) { echo "<div class='inchat transfer operator ".$row["order"]."'><strong>Transfer Request Initiated!</strong></div>"; } else { echo "<div class='inchat transfer".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; } continue; // Cancel Transfer } elseif ($row["datatype"] == 5) { $lastCount = $row["order"]; if ($utype == 2) { echo "<div class='inchat transfer operator red ".$row["order"]."'><strong>Transfer has been stopped!</strong></div>"; } else { echo "<div class='inchat transfer".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; } continue; } // Identify user's name switch ($row["ulevel"]) { case 2: $userResult = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$row["uid"]."';"); while($uRow = mysql_fetch_array($userResult)) { switch ($chat_settings["AdminDisplayName"]) { case "l": $uname = $uRow["lastname"]; break; case "f": $uname = $uRow["firstname"]; break; case "fl": $uname = $uRow["firstname"]." ".$uRow["lastname"]; break; case "lf": $uname = $uRow["lastname"]." ".$uRow["firstname"]; break; case "u": $uname = $uRow["username"]; break; default: $uname = $uRow["firstname"]; break; } } break; case 1: $userResult = mysql_query("SELECT * FROM `tblclients` WHERE `id`='".$row["uid"]."';"); while($uRow = mysql_fetch_array($userResult)) { switch ($chat_settings["ClientDisplayName"]) { case "l": $uname = $uRow["lastname"]; break; case "f": $uname = $uRow["firstname"]; break; case "fl": $uname = $uRow["firstname"]." ".$uRow["lastname"]; break; case "lf": $uname = $uRow["lastname"]." ".$uRow["firstname"]; break; default: $uname = $uRow["firstname"]; break; } } break; default: $uname = $row[2]; break; } //$urlPattern[0] = "[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]"; //$urlPattern[1] = "www.[^<>[:space:]]+[[:alnum:]/]"; if ($row["ulevel"] != 2) { echo "<div class=\"inchat client ".$row["order"]."\">"; if (strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode)) != "") { echo "<span class=\"inchat client uname\">".$uname.":</span> "; } echo "<span class=\"inchat client usays\">".strip_tags($htmlDecode)."</span></div>"; } else { if ($utype != 2) { echo "<div class=\"inchat operator ".$row["order"]."\">"; if (strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode)) != "") { echo "<span class=\"inchat operator uname\">".$uname.":</span> "; } echo "<span class=\"inchat operator usays\">".strip_tags($htmlDecode, $chat_settings["adminHTML"])."</span></div>"; } else { preg_match_all('/<script\b[^>]*>(.*?)<\/script>/i', $htmlDecode, $matches); if ($matches[1][0] != "") { echo "<div class=\"inchat inchat script ".$row["order"]."\">Script Executed<div class=\"executed\">"; for ($x = 0; $x <= count($matches[1]); $x++) { if ($matches[$x] != "") { echo $matches[1][$x]; } } echo "</div></div>"; } echo "<div class=\"inchat operator ".$row["order"]."\">"; if (strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode)) != "") { echo "<span class=\"inchat operator uname\">".$uname.":</span> "; } echo "<span class=\"inchat operator usays\">".strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode), $chat_settings["adminHTML"])."</span></div>"; } } //echo "<div class=\"chat ".$row["order"]."\">".$row["data"]."</div>"; $lastCount = $row["order"]; } } mysql_free_result($result); include "chatSession.php"; $cSess = new chatSession(); $cSess->useSession($_POST["session"]); if ($_POST["wmessage"] == "true") { $cSess->setWritingMessage($uid.":".$utype, 1); } else { $cSess->setWritingMessage($uid.":".$utype, 0); } $writeMessage = array(); $writeMessage = $cSess->getWritingMessage(); $isWritingM = false; //print_r($writeMessage); foreach ($writeMessage as $arrWM) { $arrWM2 = explode(":", $arrWM); if (!empty($arrWM) && $arrWM2[0] != $uid && $arrWM2[1] != $utype) { $isWritingM = true; } } if ($isWritingM) { if (!$_SESSION["chat_isWriting_".$_POST["session"]]) { $_SESSION["chat_isWriting_".$_POST["session"]] = true; echo "<script type=\"text/javascript\">enableWritingIcon();</script>"; } //echo "Enabled"; } else { if ($_SESSION["chat_isWriting_".$_POST["session"]]) { $_SESSION["chat_isWriting_".$_POST["session"]] = false; echo "<script type=\"text/javascript\">disableWritingIcon();</script>"; } //echo "Disabled"; } if ($run && $_POST["count"] != $lastCount) { echo "<script type=\"text/javascript\">count = ".$lastCount.";</script>"; //print_r($chat_settings); } mysql_close(); break; case "post": if ($_SESSION["adminid"] != "") { $uid = $_SESSION["adminid"]; $utype = 2; } elseif ($_SESSION["uid"] != "") { $uid = $_SESSION["uid"]; $utype = 1; } else { $uid = -1; $utype = 0; } if (!isset($chat_settings)) { $result2 = mysql_query("SELECT * FROM `chat_settings`"); while($row = mysql_fetch_array($result2)) { $chat_settings[$row[0]] = $row[1]; } } $result = mysql_query("SELECT * FROM `chat_conversations` WHERE `session`='".mysql_real_escape_string($_POST["session"])."' AND `order`>=".mysql_real_escape_string($_POST["count"])." ORDER BY `order`, `timestamp` ASC;"); $run = false; while($row = mysql_fetch_array($result)) { $run = true; $lastCount = $row["order"]; } if ($run) { $order = $lastCount + 1; } else { $order = $_POST["count"]; } $data = http://www.wjunction.com/18-server-management-help/$_POST["data"]; if ($data == "%operatorConnectedMessage%" && $_POST["datatype"] == 3) { $data = $chat_settings["operatorConnectedMessage"]; $userResult = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$_SESSION["adminid"]."';"); while($uRow = mysql_fetch_array($userResult)) { $data = http://www.wjunction.com/18-server-management-help/str_replace("%FIRSTNAME%", $uRow["firstname"], $data); $data = str_replace("%LASTNAME%", $uRow["lastname"], $data); } $data = htmlspecialchars_decode($data); $data .= "<script type=/"text/javascript/">connected=true;</script>"; } if ($data == "%clientConnectedMessage%" && $_POST["datatype"] == 3) { $data = $chat_settings["clientConnectedMessage"]; if ($utype == 1) { $userResult = mysql_query("SELECT * FROM `tblclients` WHERE `id`='".$uid."';"); while($uRow = mysql_fetch_array($userResult)) { $data = http://www.wjunction.com/18-server-management-help/str_replace("%FIRSTNAME%", $uRow["firstname"], $data); $data = str_replace("%LASTNAME%", $uRow["lastname"], $data); $data = str_replace("%ENTEREDNAME%", "", $data); } } elseif ($utype == 0) { $data = str_replace("%FIRSTNAME%", "", $data); $data = str_replace("%LASTNAME%", "", $data); $data = str_replace("%ENTEREDNAME%", $_POST["user"], $data); } } $data = htmlspecialchars_decode($data); $result = mysql_query("INSERT INTO chat_conversations (`session`, `user`, `uid`, `ulevel`, `data`, `timestamp`, `order`, `datatype`)VALUES ('".mysql_real_escape_string($_POST["session"])."', '".mysql_real_escape_string($_POST["user"])."', '".$uid."', '".$utype."', '".mysql_real_escape_string($data)."', '".$_SERVER['REQUEST_TIME']."', '".mysql_real_escape_string($order)."', '".mysql_real_escape_string($_POST["datatype"])."');"); if ($_POST["datatype"] == 0) { require("chatSession.php"); $chat_session = new chatSession(); $chat_session->useSession($_POST["session"]); if ($chat_session->getActive() == 2) { $userResult = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$uid."'"); while($uRow = mysql_fetch_array($userResult)) { $uname = $uRow["firstname"]." ".$uRow["lastname"]; } $result = mysql_query("INSERT INTO `tblticketreplies` (`tid`, `date`, `message`, `admin`) VALUES ('".$chat_session->getTID()."', '".date("Y-m-d G:i:s")."', '".mysql_real_escape_string($data)."', '".mysql_real_escape_string($uname)."');"); } } mysql_close(); break;}?>ADMINSESSION
Code: <?/* WHMCS Addon Live Support - Provides a way for you to instantly communicate with your customers. Copyright (C) 2010-2012 WHMCS Addon This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */@error_reporting(0);@ini_set("register_globals", "off");// Find WHMCS Directory// Set $pathPart to the folder to exclude from.$directoryFinder = explode("/", $_SERVER["SCRIPT_FILENAME"]);foreach($directoryFinder as $pathPart) { if ($pathPart != "") { if ($pathPart != "includes") { $dir .= "/".$pathPart; } else { $dir .= "/"; break; } }}require($dir."/dbconnect.php");# Get Variables from storage (retrieve from wherever it's stored - DB, file, etc...)if (!isset($chat_settings)) { $result2 = mysql_query("SELECT * FROM `chat_settings`"); while($row = mysql_fetch_array($result2)) { $chat_settings[$row[0]] = $row[1]; }}session_start();//print_r($_SESSION);if (!isset($_SESSION["adminid"])) { exit("You do not have permission to view this page."); }function ipcode($ip) { $numbers = preg_split( "/\./", $ip); $code=($numbers[0] * 16777216) + ($numbers[1] * 65536) + ($numbers[2] * 256) + ($numbers[3]); return $code;}$result = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$_SESSION["adminid"]."'");while($row = mysql_fetch_array($result)) { $user = $row;}$viewDept = explode(",", $user["supportdepts"]);$result = mysql_query("SELECT * FROM `tblticketdepartments`");$x = 0;$dept = array();while($row = mysql_fetch_array($result)) { $dept[$x] = $row; $x++;}$withinFive = time() - 300;$result = mysql_query("SELECT * FROM `chat_ban`");$x = 0;$ban = array();while($row = mysql_fetch_array($result)) { $ban[$x] = $row["ip"];}if ($_GET["method"] == "current") { $result = mysql_query("SELECT * FROM `chat_sessions` WHERE `active`='0' AND NOT `utype`='2' ORDER BY `timestamp` DESC, `active` ASC");} elseif ($_GET["method"] == "monitor") { $result = mysql_query("SELECT * FROM `site_activitylogs` WHERE `lastaccess` >= ".$withinFive." ORDER BY `uid` DESC,`id` ASC");} else { $result = mysql_query("SELECT * FROM `chat_sessions` WHERE `timestamp` >= ".$withinFive." AND `active` = '1' ORDER BY `timestamp` DESC, `active` ASC");}while($row = mysql_fetch_array($result)) { if ($_GET["method"] == "monitor") { $actuallyRan = true; ?> <table class="monitorTable monitorContent"> <tr> <td class="monitorName"><? $run = false; if ($row["uid"] > 0) { $result2 = mysql_query("SELECT * FROM `tblclients` WHERE `id`=".$row["uid"]); while ($row2 = mysql_fetch_array($result2)) { echo "<a href='http://www.wjunction.com/18-server-management-help/clientssummary.php?userid=".$row["uid"]."' target='_blank'><img src=http://www.wjunction.com/18-server-management-help//"images/icons/clientsprofile.png/" border=/"0/" /> ".$row2["firstname"]." ".$row2["lastname"]."</a>"; $run = true; } } if ($run == false) { echo "<i>Guest</i>"; } ?></td> <td class="monitorDepartment"><?= $row["ip"]; ?></td> <td class="monitorQuestion"><? $pages = explode("|", $row["pages"]); echo $pages[count($pages)-1]; ?></td> <td class="monitorStatus"><? $timestamps = explode("|", $row["timestamps"]); $firstTime = explode(",", $timestamps[0]); //$lastTime = explode(",", $timestamps[count($timestamps)-1]); $timeFinal = ($row["lastaccess"]-$firstTime[0]); $hours = floor($timeFinal/3600); $timeFinal = $timeFinal - ($hours * 3600); $minutes = floor($timeFinal/60); $timeFinal = $timeFinal - ($minutes * 60); $seconds = $timeFinal; if ($minutes < 10) $minutes = "0".$minutes; if ($seconds < 10) $seconds = "0".$seconds; echo $hours.":".$minutes.":".$seconds; // 7 days; 24 hours; 60 mins; 60secs ?></td> <td class="monitorBetween"></td> <td class="monitorActions"> <img class="injectScriptButton <?= $row["id"]; ?>" src="images/script.jpg" title="Inject Script" alt="Inject Script" onclick="injectScript('<?= $row["session"]; ?>', '.injectScriptButton.<?= $row["id"]; ?>')" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/script_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/script.jpg';" /> </td> <td class="monitorBetween"></td> <td class="monitorMore"><? $x = ipcode($row["ip"]); $result2 = mysql_query("SELECT * FROM tblgeoip WHERE ip_from <= '$x' AND ip_to >= '$x'"); while ($row2 = mysql_fetch_array($result2)) { if (floatval($row2["ip_from"]) <= floatval($x) && floatval($row2["ip_to"]) >= floatval($x)) { echo "<img src='http://www.wjunction.com/18-server-management-help/images/flags/".strtolower($row2["ctry"]).".gif' title='".$row2["country"]."' alt='".$row2["country"]."' />"; break; } } ?></td> </tr> </table><? } else { $currentDept = explode("|", $row["departments"]); $ignore = explode("|", $row["ignore"]); //print_r($user); //echo in_array($user["id"], $ignore); $run = false; if ($row["uid"] > 0 || $row["name"] != "") { $run = true; } $env = unserialize($row["environment"]); if (in_array($env["REMOTE_ADDR"], $ban) == 1) { $run = false; } if (in_array($user["id"], $ignore) != 1 && $run || $_GET["method"] == "current" && $run) { if (in_array($currentDept[count($currentDept)-1], $viewDept) == 1 || $currentDept[count($currentDept)-1] == "-1") { //$env = unserialize($row["environment"]); //echo $row["session"]; $actuallyRan = true; ?> <table class="monitorTable monitorContent"> <tr> <td class="monitorName"><? $run = false; if ($row["uid"] > 0) { $result2 = mysql_query("SELECT * FROM `tblclients` WHERE `id`=".$row["uid"]); while ($row2 = mysql_fetch_array($result2)) { echo "<a href='http://www.wjunction.com/18-server-management-help/clientssummary.php?userid=".$row["uid"]."' target='_blank'><img src=http://www.wjunction.com/18-server-management-help//"images/icons/clientsprofile.png/" border=/"0/" /> ".$row2["firstname"]." ".$row2["lastname"]."</a>"; $run = true; } } if ($run == false) { $result2 = mysql_query("SELECT * FROM `tblclients` WHERE `firstname`='".$row["name"]."' OR `lastname`='".$row["name"]."' OR `companyname`='".$row["name"]."' OR `email`='".$row["email"]."' OR `ip`='".$env["REMOTE_ADDR"]."'"); while ($row2 = mysql_fetch_array($result2)) { echo "<img src=http://www.wjunction.com/18-server-management-help//"images/info.gif/" border=/"0/" title=/"Client Results Detected/" alt=/"Client Results Detected/" /> "; break; } echo $row["name"]; } ?></td> <td class="monitorDepartment"><? if ($currentDept[count($currentDept)-1] == "-1") { echo "<i>All</i>"; } else { for ($x = 0; $x < count($dept); $x++) { if ($dept[$x]["id"] == $currentDept[count($currentDept)-1]) { echo $dept[$x]["name"]; } } } ?></td> <td class="monitorQuestion"><? echo $row["question"]; ?></td> <td class="monitorStatus"><? if ($row["active"] == 1) { echo "Not Answered"; } elseif ($row["active"] == 2) { echo "Closed"; } else { echo "Answered"; } ?></td> <td class="monitorBetween"></td> <td class="monitorActions"> <img class="actionAnswer" src="images/answer.jpg" title="Answer" alt="Answer" onclick="answerCall('<?= $row["session"]; ?>'<? if ( $_GET["method"] == "current") { echo ", true"; } ?>);" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/answer_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/answer.jpg';" /> <? if ($_GET["method"] != "current") { ?> <img class="actionIgnore" src=http://www.wjunction.com/18-server-management-help/"images/ignore.jpg" title="Ignore" alt="Ignore" onclick="ignoreCall('<?= $row["session"]; ?>');" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/ignore_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/ignore.jpg';" /> <? } ?> <img src=http://www.wjunction.com/18-server-management-help/"images/blockip.jpg" title="Block IP" alt="Block IP" onclick="blockUser('<?= $row["session"]; ?>');" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/blockip_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/blockip.jpg';" /> </td> <td class="monitorBetween"></td> <td class="monitorMore"><? $x = ipcode($env["REMOTE_ADDR"]); $result2 = mysql_query("SELECT * FROM tblgeoip WHERE ip_from <= '$x' AND ip_to >= '$x'"); while ($row2 = mysql_fetch_array($result2)) { if (floatval($row2["ip_from"]) <= floatval($x) && floatval($row2["ip_to"]) >= floatval($x)) { echo "<img src='http://www.wjunction.com/18-server-management-help/images/flags/".strtolower($row2["ctry"]).".gif' title='".$row2["country"]."' alt='".$row2["country"]."' />"; break; } } ?></td> </tr> </table> <? } } }}if ($actuallyRan != true) { ?><table class="monitorTable monitorContent"> <tr><td style="padding-left: 10px;">No support requests are available at the moment.</td></tr></table><?}?>JsCodeInjection
Code: <?/* WHMCS Addon Live Support - Provides a way for you to instantly communicate with your customers. Copyright (C) 2010-2012 WHMCS Addon This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */@error_reporting(0);@ini_set("register_globals", "off");// Find WHMCS Directory// Set $pathPart to the folder to exclude from.$directoryFinder = explode("/", $_SERVER["SCRIPT_FILENAME"]);foreach($directoryFinder as $pathPart) { if ($pathPart != "") { if ($pathPart != "includes") { $dir .= "/".$pathPart; } else { $dir .= "/"; break; } }}require($dir."/dbconnect.php");session_start();if ($_SESSION["uid"] != "") { $uid = $_SESSION["uid"]; $utype = 1;} else { $uid = 0; $utype = 0;}/*if (isset($_SESSION["site_session"]) || isset($_COOKIE["site_session"])) { $result = mysql_query("SELECT * FROM `site_activitylogs` WHERE `session`='".$_SESSION["site_session"]."'"); while($row = mysql_fetch_array($result)) { if ($uid != $row["uid"] || $_SERVER['REMOTE_ADDR'] != $row["ip"]) { $startNew = true; } }}*/$aTime = time() - 3000;$result = mysql_query("SELECT * FROM `site_activitylogs` WHERE `ip`='".$_SERVER['REMOTE_ADDR']."' AND `lastaccess`>='".$aTime."' ORDER BY `id` ASC");//echo $_SESSION["monitor_session"];if (mysql_num_rows($result) == 1) { while($row = mysql_fetch_array($result)) { $pageFinder = explode("|", $row["pages"]); $timeFinder = explode("|", $row["timestamps"]); if ($pageFinder[count($pageFinder)-1] == $_GET["url"]) { $pages = $row["pages"]; $timeSubFinder = explode(",", $timeFinder[count($timeFinder)-1]); $ran = false; for ($x = 0; $x < count($timeFinder)-1; $x++) { if ($x > 0) { $timestamps .= "|"; } $timestamps .= $timeFinder[$x]; $ran = true; } if ($ran) { $timestamps .= "|"; } $timestamps .= $timeSubFinder[0].",".time(); } else { $pages = $row["pages"]."|".$_GET["url"]; $timestamps = $row["timestamps"]."|".time(); } $_SESSION["monitor_session"] = $row["session"]; $_SESSION["monitor_session_uid"] = $row["uid"]; } if ($_SESSION["monitor_session_uid"] && !$uid) mysql_query("UPDATE `site_activitylogs` SET `pages`='$pages', `timestamps`='$timestamps', `lastaccess`='".time()."' WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `lastaccess`>='".$aTime."'"); else mysql_query("UPDATE `site_activitylogs` SET `pages`='$pages', `timestamps`='$timestamps', `lastaccess`='".time()."', `uid`='".$uid."' WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `lastaccess`>='".$aTime."'"); $result = mysql_query("SELECT * FROM `site_script` WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `excuted`='0'"); while($row = mysql_fetch_array($result)) { mysql_query("UPDATE `site_script` SET `excuted`='1' WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `script`='".mysql_real_escape_string($row["script"])."'"); echo $row["script"]; }} else { /*$_SESSION["site_session"] = $_SERVER["UNIQUE_ID"]; $_COOKIE["site_session"] = $_SERVER["UNIQUE_ID"];*/ $session_id_gen = sha1(uniqid(hash("md5", time()), TRUE)); if (isset($_SERVER["REMOTE_ADDR"]) && isset($_COOKIE["cookiecheck"])) { setcookie("cookiecheck", true, time() -1); mysql_query("INSERT INTO `site_activitylogs` (`uid`, `ip`, `session`, `pages`, `timestamps`, `lastaccess`) VALUES ('".$_SESSION["uid"]."', '".$_SERVER['REMOTE_ADDR']."', '".$session_id_gen."', '".mysql_real_escape_string($_GET["url"])."', '".time()."', '".time()."')") or die(mysql_error()); $_SESSION["monitor_session"] = $session_id_gen; $_SESSION["monitor_session_uid"] = $uid; } else { setcookie("cookiecheck", true, time() + 3600); }}?> 75.32.237.212 can you identify this ip?. better upgrade to vps , they will ban u again 75.32.237.212
is my friends house where I stayed to play some 360 You've likely just outgrown shared hosting, and it's time to look at VPS plans. I wouldn't suggest upgrading with hostgator though.
This is a very easy thing to fix, it is just the script that is a 3rd party of whmcs add-on chat.
The original one that is paid and not free from http://whmcsaddon.com/
and I think I might just go back on using comm100 so there is no problem. current resource is not enough for the script,and number of connection from that ip php config should have evaded that by the you cannot optimize the server its not the fault of even scripts its just the hosting resource comparing to the script is very less. An upgrade to a smaller cheap vps or a powerful shared hosting should do the trick thank you!
I think I might just switch over to comm100 if this does happen again for the live chat.
Code: Hello,This message is to advise you of a temporary block placed on your account. This account was found to be consuming an inordinate amount of processor time, to the point of degrading overall system performance. While we do limit each account to no more than 25% of a system's CPU in our terms of service, we do not actively disable accounts until they greatly exceed that number, which is what happened in this case. Requests to this scripts under this account may become degraded by limiting the abilty for scripts to run for a limited amount of time, or if the issue persists, we may be forced to restrict how fast processes can be spawned until the issue has been resolved.We recommend taking steps to reduce the overall CPU usage for the account, which may be as simple as generating a flat HTML page for popular content, or enabling caching that is available through many popular scripts, or disabling high CPU usage features such as searches or Ajax refreshes. Although we may not be able to help in all cases, we would be more than happy to assist if you are unable to determine any cause, or if you need help interpreting any of the information.CPU seconds used in the past hour: 3116.92999999976, 87% CPUSun May 6 03:01:02 CDT 2012Running Processes:Running Queries:Open connectionsCurrent Site Requests:58.165.105.134 spetsnazhost.com /includes/chat/jsCodeInjecter.php?url=http%3A//spetsnazhost58.165.105.134 spetsnazhost.com /includes/chat/jsCodeInjecter.php?url=http%3A//spetsnazhost75.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362816175.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362893075.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362905275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362905375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=current&_=13362912375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=monitor&_=13362816275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=monitor&_=13362912375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=monitor&_=13362912675.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628931997975.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628932000175.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628932001775.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628932012375.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628933953275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133628948475675.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629053290675.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629053298875.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629053301275.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629123932475.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629124053975.32.237.212 spetsnazhost.com /includes/chat/adminsessions.php?method=new&_=133629124080575.32.237.212 spetsnazhost.com /includes/chat/chat.php75.32.237.212 spetsnazhost.com /includes/chat/chat.php75.32.237.212 spetsnazhost.com /includes/chat/chat.phpCordially, Shaun LLinux Systems AdministratorHostGator.com LLChttp://support.hostgator.comMy scripts information
chat
Code: <?/* WHMCS Addon Live Support - Provides a way for you to instantly communicate with your customers. Copyright (C) 2010-2012 WHMCS Addon This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */@error_reporting(0);@ini_set("register_globals", "off");header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1header("Expires: ".date("r")); // Date in the past//error_reporting(0);// Find WHMCS Directory// Set $pathPart to the folder to exclude from.$directoryFinder = explode("/", $_SERVER["SCRIPT_FILENAME"]);foreach($directoryFinder as $pathPart) { if ($pathPart != "") { if ($pathPart != "includes") { $dir .= "/".$pathPart; } else { $dir .= "/"; break; } }}require_once($dir."dbconnect.php");session_start();// View Messagesswitch ($_POST["action"]) { case "view": if ($_SESSION["adminid"] != "") { $uid = $_SESSION["adminid"]; $utype = 2; } elseif ($_SESSION["uid"] != "") { $uid = $_SESSION["uid"]; $utype = 1; } else { $uid = -1; $utype = 0; } $result = mysql_query("SELECT * FROM `chat_conversations` WHERE `session`='".mysql_real_escape_string($_POST["session"])."' AND `order`>=".mysql_real_escape_string($_POST["count"])." ORDER BY `order`, `timestamp` ASC;"); $numberRows = mysql_num_rows($result); $run = false; if ($numberRows > 0) { if (!isset($chat_settings)) { $result2 = mysql_query("SELECT * FROM `chat_settings`"); while($row = mysql_fetch_array($result2)) { $chat_settings[$row[0]] = $row[1]; } } mysql_free_result($result2); while($row = mysql_fetch_array($result)) { $run = true; $htmlDecode = htmlspecialchars($row["data"]); // Script Excutable if ($row["datatype"] == 1 && $row["ulevel"] == 2) { $lastCount = $row["order"]; $htmlDecode = htmlspecialchars_decode($row["data"]); $htmlDecode .= "<script>count++;</script>"; // Download } elseif ($row["datatype"] == 2) { $lastCount = $row["order"]; echo "<div class='inchat downloadFile ".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; continue; // Connected User } elseif ($row["datatype"] == 3) { $lastCount = $row["order"]; if ($uid != $row["uid"] || $utype != $row["ulevel"]) echo "<div class='inchat connectedUser ".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; continue; // Transfer } elseif ($row["datatype"] == 4) { $lastCount = $row["order"]; if ($utype == 2) { echo "<div class='inchat transfer operator ".$row["order"]."'><strong>Transfer Request Initiated!</strong></div>"; } else { echo "<div class='inchat transfer".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; } continue; // Cancel Transfer } elseif ($row["datatype"] == 5) { $lastCount = $row["order"]; if ($utype == 2) { echo "<div class='inchat transfer operator red ".$row["order"]."'><strong>Transfer has been stopped!</strong></div>"; } else { echo "<div class='inchat transfer".$row["order"]."'>".htmlspecialchars_decode($row["data"])."</div>"; } continue; } // Identify user's name switch ($row["ulevel"]) { case 2: $userResult = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$row["uid"]."';"); while($uRow = mysql_fetch_array($userResult)) { switch ($chat_settings["AdminDisplayName"]) { case "l": $uname = $uRow["lastname"]; break; case "f": $uname = $uRow["firstname"]; break; case "fl": $uname = $uRow["firstname"]." ".$uRow["lastname"]; break; case "lf": $uname = $uRow["lastname"]." ".$uRow["firstname"]; break; case "u": $uname = $uRow["username"]; break; default: $uname = $uRow["firstname"]; break; } } break; case 1: $userResult = mysql_query("SELECT * FROM `tblclients` WHERE `id`='".$row["uid"]."';"); while($uRow = mysql_fetch_array($userResult)) { switch ($chat_settings["ClientDisplayName"]) { case "l": $uname = $uRow["lastname"]; break; case "f": $uname = $uRow["firstname"]; break; case "fl": $uname = $uRow["firstname"]." ".$uRow["lastname"]; break; case "lf": $uname = $uRow["lastname"]." ".$uRow["firstname"]; break; default: $uname = $uRow["firstname"]; break; } } break; default: $uname = $row[2]; break; } //$urlPattern[0] = "[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]"; //$urlPattern[1] = "www.[^<>[:space:]]+[[:alnum:]/]"; if ($row["ulevel"] != 2) { echo "<div class=\"inchat client ".$row["order"]."\">"; if (strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode)) != "") { echo "<span class=\"inchat client uname\">".$uname.":</span> "; } echo "<span class=\"inchat client usays\">".strip_tags($htmlDecode)."</span></div>"; } else { if ($utype != 2) { echo "<div class=\"inchat operator ".$row["order"]."\">"; if (strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode)) != "") { echo "<span class=\"inchat operator uname\">".$uname.":</span> "; } echo "<span class=\"inchat operator usays\">".strip_tags($htmlDecode, $chat_settings["adminHTML"])."</span></div>"; } else { preg_match_all('/<script\b[^>]*>(.*?)<\/script>/i', $htmlDecode, $matches); if ($matches[1][0] != "") { echo "<div class=\"inchat inchat script ".$row["order"]."\">Script Executed<div class=\"executed\">"; for ($x = 0; $x <= count($matches[1]); $x++) { if ($matches[$x] != "") { echo $matches[1][$x]; } } echo "</div></div>"; } echo "<div class=\"inchat operator ".$row["order"]."\">"; if (strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode)) != "") { echo "<span class=\"inchat operator uname\">".$uname.":</span> "; } echo "<span class=\"inchat operator usays\">".strip_tags(preg_replace('/<script\b[^>]*>(.*?)<\/script>/i', "", $htmlDecode), $chat_settings["adminHTML"])."</span></div>"; } } //echo "<div class=\"chat ".$row["order"]."\">".$row["data"]."</div>"; $lastCount = $row["order"]; } } mysql_free_result($result); include "chatSession.php"; $cSess = new chatSession(); $cSess->useSession($_POST["session"]); if ($_POST["wmessage"] == "true") { $cSess->setWritingMessage($uid.":".$utype, 1); } else { $cSess->setWritingMessage($uid.":".$utype, 0); } $writeMessage = array(); $writeMessage = $cSess->getWritingMessage(); $isWritingM = false; //print_r($writeMessage); foreach ($writeMessage as $arrWM) { $arrWM2 = explode(":", $arrWM); if (!empty($arrWM) && $arrWM2[0] != $uid && $arrWM2[1] != $utype) { $isWritingM = true; } } if ($isWritingM) { if (!$_SESSION["chat_isWriting_".$_POST["session"]]) { $_SESSION["chat_isWriting_".$_POST["session"]] = true; echo "<script type=\"text/javascript\">enableWritingIcon();</script>"; } //echo "Enabled"; } else { if ($_SESSION["chat_isWriting_".$_POST["session"]]) { $_SESSION["chat_isWriting_".$_POST["session"]] = false; echo "<script type=\"text/javascript\">disableWritingIcon();</script>"; } //echo "Disabled"; } if ($run && $_POST["count"] != $lastCount) { echo "<script type=\"text/javascript\">count = ".$lastCount.";</script>"; //print_r($chat_settings); } mysql_close(); break; case "post": if ($_SESSION["adminid"] != "") { $uid = $_SESSION["adminid"]; $utype = 2; } elseif ($_SESSION["uid"] != "") { $uid = $_SESSION["uid"]; $utype = 1; } else { $uid = -1; $utype = 0; } if (!isset($chat_settings)) { $result2 = mysql_query("SELECT * FROM `chat_settings`"); while($row = mysql_fetch_array($result2)) { $chat_settings[$row[0]] = $row[1]; } } $result = mysql_query("SELECT * FROM `chat_conversations` WHERE `session`='".mysql_real_escape_string($_POST["session"])."' AND `order`>=".mysql_real_escape_string($_POST["count"])." ORDER BY `order`, `timestamp` ASC;"); $run = false; while($row = mysql_fetch_array($result)) { $run = true; $lastCount = $row["order"]; } if ($run) { $order = $lastCount + 1; } else { $order = $_POST["count"]; } $data = http://www.wjunction.com/18-server-management-help/$_POST["data"]; if ($data == "%operatorConnectedMessage%" && $_POST["datatype"] == 3) { $data = $chat_settings["operatorConnectedMessage"]; $userResult = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$_SESSION["adminid"]."';"); while($uRow = mysql_fetch_array($userResult)) { $data = http://www.wjunction.com/18-server-management-help/str_replace("%FIRSTNAME%", $uRow["firstname"], $data); $data = str_replace("%LASTNAME%", $uRow["lastname"], $data); } $data = htmlspecialchars_decode($data); $data .= "<script type=/"text/javascript/">connected=true;</script>"; } if ($data == "%clientConnectedMessage%" && $_POST["datatype"] == 3) { $data = $chat_settings["clientConnectedMessage"]; if ($utype == 1) { $userResult = mysql_query("SELECT * FROM `tblclients` WHERE `id`='".$uid."';"); while($uRow = mysql_fetch_array($userResult)) { $data = http://www.wjunction.com/18-server-management-help/str_replace("%FIRSTNAME%", $uRow["firstname"], $data); $data = str_replace("%LASTNAME%", $uRow["lastname"], $data); $data = str_replace("%ENTEREDNAME%", "", $data); } } elseif ($utype == 0) { $data = str_replace("%FIRSTNAME%", "", $data); $data = str_replace("%LASTNAME%", "", $data); $data = str_replace("%ENTEREDNAME%", $_POST["user"], $data); } } $data = htmlspecialchars_decode($data); $result = mysql_query("INSERT INTO chat_conversations (`session`, `user`, `uid`, `ulevel`, `data`, `timestamp`, `order`, `datatype`)VALUES ('".mysql_real_escape_string($_POST["session"])."', '".mysql_real_escape_string($_POST["user"])."', '".$uid."', '".$utype."', '".mysql_real_escape_string($data)."', '".$_SERVER['REQUEST_TIME']."', '".mysql_real_escape_string($order)."', '".mysql_real_escape_string($_POST["datatype"])."');"); if ($_POST["datatype"] == 0) { require("chatSession.php"); $chat_session = new chatSession(); $chat_session->useSession($_POST["session"]); if ($chat_session->getActive() == 2) { $userResult = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$uid."'"); while($uRow = mysql_fetch_array($userResult)) { $uname = $uRow["firstname"]." ".$uRow["lastname"]; } $result = mysql_query("INSERT INTO `tblticketreplies` (`tid`, `date`, `message`, `admin`) VALUES ('".$chat_session->getTID()."', '".date("Y-m-d G:i:s")."', '".mysql_real_escape_string($data)."', '".mysql_real_escape_string($uname)."');"); } } mysql_close(); break;}?>ADMINSESSION
Code: <?/* WHMCS Addon Live Support - Provides a way for you to instantly communicate with your customers. Copyright (C) 2010-2012 WHMCS Addon This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */@error_reporting(0);@ini_set("register_globals", "off");// Find WHMCS Directory// Set $pathPart to the folder to exclude from.$directoryFinder = explode("/", $_SERVER["SCRIPT_FILENAME"]);foreach($directoryFinder as $pathPart) { if ($pathPart != "") { if ($pathPart != "includes") { $dir .= "/".$pathPart; } else { $dir .= "/"; break; } }}require($dir."/dbconnect.php");# Get Variables from storage (retrieve from wherever it's stored - DB, file, etc...)if (!isset($chat_settings)) { $result2 = mysql_query("SELECT * FROM `chat_settings`"); while($row = mysql_fetch_array($result2)) { $chat_settings[$row[0]] = $row[1]; }}session_start();//print_r($_SESSION);if (!isset($_SESSION["adminid"])) { exit("You do not have permission to view this page."); }function ipcode($ip) { $numbers = preg_split( "/\./", $ip); $code=($numbers[0] * 16777216) + ($numbers[1] * 65536) + ($numbers[2] * 256) + ($numbers[3]); return $code;}$result = mysql_query("SELECT * FROM `tbladmins` WHERE `id`='".$_SESSION["adminid"]."'");while($row = mysql_fetch_array($result)) { $user = $row;}$viewDept = explode(",", $user["supportdepts"]);$result = mysql_query("SELECT * FROM `tblticketdepartments`");$x = 0;$dept = array();while($row = mysql_fetch_array($result)) { $dept[$x] = $row; $x++;}$withinFive = time() - 300;$result = mysql_query("SELECT * FROM `chat_ban`");$x = 0;$ban = array();while($row = mysql_fetch_array($result)) { $ban[$x] = $row["ip"];}if ($_GET["method"] == "current") { $result = mysql_query("SELECT * FROM `chat_sessions` WHERE `active`='0' AND NOT `utype`='2' ORDER BY `timestamp` DESC, `active` ASC");} elseif ($_GET["method"] == "monitor") { $result = mysql_query("SELECT * FROM `site_activitylogs` WHERE `lastaccess` >= ".$withinFive." ORDER BY `uid` DESC,`id` ASC");} else { $result = mysql_query("SELECT * FROM `chat_sessions` WHERE `timestamp` >= ".$withinFive." AND `active` = '1' ORDER BY `timestamp` DESC, `active` ASC");}while($row = mysql_fetch_array($result)) { if ($_GET["method"] == "monitor") { $actuallyRan = true; ?> <table class="monitorTable monitorContent"> <tr> <td class="monitorName"><? $run = false; if ($row["uid"] > 0) { $result2 = mysql_query("SELECT * FROM `tblclients` WHERE `id`=".$row["uid"]); while ($row2 = mysql_fetch_array($result2)) { echo "<a href='http://www.wjunction.com/18-server-management-help/clientssummary.php?userid=".$row["uid"]."' target='_blank'><img src=http://www.wjunction.com/18-server-management-help//"images/icons/clientsprofile.png/" border=/"0/" /> ".$row2["firstname"]." ".$row2["lastname"]."</a>"; $run = true; } } if ($run == false) { echo "<i>Guest</i>"; } ?></td> <td class="monitorDepartment"><?= $row["ip"]; ?></td> <td class="monitorQuestion"><? $pages = explode("|", $row["pages"]); echo $pages[count($pages)-1]; ?></td> <td class="monitorStatus"><? $timestamps = explode("|", $row["timestamps"]); $firstTime = explode(",", $timestamps[0]); //$lastTime = explode(",", $timestamps[count($timestamps)-1]); $timeFinal = ($row["lastaccess"]-$firstTime[0]); $hours = floor($timeFinal/3600); $timeFinal = $timeFinal - ($hours * 3600); $minutes = floor($timeFinal/60); $timeFinal = $timeFinal - ($minutes * 60); $seconds = $timeFinal; if ($minutes < 10) $minutes = "0".$minutes; if ($seconds < 10) $seconds = "0".$seconds; echo $hours.":".$minutes.":".$seconds; // 7 days; 24 hours; 60 mins; 60secs ?></td> <td class="monitorBetween"></td> <td class="monitorActions"> <img class="injectScriptButton <?= $row["id"]; ?>" src="images/script.jpg" title="Inject Script" alt="Inject Script" onclick="injectScript('<?= $row["session"]; ?>', '.injectScriptButton.<?= $row["id"]; ?>')" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/script_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/script.jpg';" /> </td> <td class="monitorBetween"></td> <td class="monitorMore"><? $x = ipcode($row["ip"]); $result2 = mysql_query("SELECT * FROM tblgeoip WHERE ip_from <= '$x' AND ip_to >= '$x'"); while ($row2 = mysql_fetch_array($result2)) { if (floatval($row2["ip_from"]) <= floatval($x) && floatval($row2["ip_to"]) >= floatval($x)) { echo "<img src='http://www.wjunction.com/18-server-management-help/images/flags/".strtolower($row2["ctry"]).".gif' title='".$row2["country"]."' alt='".$row2["country"]."' />"; break; } } ?></td> </tr> </table><? } else { $currentDept = explode("|", $row["departments"]); $ignore = explode("|", $row["ignore"]); //print_r($user); //echo in_array($user["id"], $ignore); $run = false; if ($row["uid"] > 0 || $row["name"] != "") { $run = true; } $env = unserialize($row["environment"]); if (in_array($env["REMOTE_ADDR"], $ban) == 1) { $run = false; } if (in_array($user["id"], $ignore) != 1 && $run || $_GET["method"] == "current" && $run) { if (in_array($currentDept[count($currentDept)-1], $viewDept) == 1 || $currentDept[count($currentDept)-1] == "-1") { //$env = unserialize($row["environment"]); //echo $row["session"]; $actuallyRan = true; ?> <table class="monitorTable monitorContent"> <tr> <td class="monitorName"><? $run = false; if ($row["uid"] > 0) { $result2 = mysql_query("SELECT * FROM `tblclients` WHERE `id`=".$row["uid"]); while ($row2 = mysql_fetch_array($result2)) { echo "<a href='http://www.wjunction.com/18-server-management-help/clientssummary.php?userid=".$row["uid"]."' target='_blank'><img src=http://www.wjunction.com/18-server-management-help//"images/icons/clientsprofile.png/" border=/"0/" /> ".$row2["firstname"]." ".$row2["lastname"]."</a>"; $run = true; } } if ($run == false) { $result2 = mysql_query("SELECT * FROM `tblclients` WHERE `firstname`='".$row["name"]."' OR `lastname`='".$row["name"]."' OR `companyname`='".$row["name"]."' OR `email`='".$row["email"]."' OR `ip`='".$env["REMOTE_ADDR"]."'"); while ($row2 = mysql_fetch_array($result2)) { echo "<img src=http://www.wjunction.com/18-server-management-help//"images/info.gif/" border=/"0/" title=/"Client Results Detected/" alt=/"Client Results Detected/" /> "; break; } echo $row["name"]; } ?></td> <td class="monitorDepartment"><? if ($currentDept[count($currentDept)-1] == "-1") { echo "<i>All</i>"; } else { for ($x = 0; $x < count($dept); $x++) { if ($dept[$x]["id"] == $currentDept[count($currentDept)-1]) { echo $dept[$x]["name"]; } } } ?></td> <td class="monitorQuestion"><? echo $row["question"]; ?></td> <td class="monitorStatus"><? if ($row["active"] == 1) { echo "Not Answered"; } elseif ($row["active"] == 2) { echo "Closed"; } else { echo "Answered"; } ?></td> <td class="monitorBetween"></td> <td class="monitorActions"> <img class="actionAnswer" src="images/answer.jpg" title="Answer" alt="Answer" onclick="answerCall('<?= $row["session"]; ?>'<? if ( $_GET["method"] == "current") { echo ", true"; } ?>);" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/answer_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/answer.jpg';" /> <? if ($_GET["method"] != "current") { ?> <img class="actionIgnore" src=http://www.wjunction.com/18-server-management-help/"images/ignore.jpg" title="Ignore" alt="Ignore" onclick="ignoreCall('<?= $row["session"]; ?>');" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/ignore_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/ignore.jpg';" /> <? } ?> <img src=http://www.wjunction.com/18-server-management-help/"images/blockip.jpg" title="Block IP" alt="Block IP" onclick="blockUser('<?= $row["session"]; ?>');" onmouseover="this.src='http://www.wjunction.com/18-server-management-help/images/blockip_hover.jpg';" onmouseout="this.src='http://www.wjunction.com/18-server-management-help/images/blockip.jpg';" /> </td> <td class="monitorBetween"></td> <td class="monitorMore"><? $x = ipcode($env["REMOTE_ADDR"]); $result2 = mysql_query("SELECT * FROM tblgeoip WHERE ip_from <= '$x' AND ip_to >= '$x'"); while ($row2 = mysql_fetch_array($result2)) { if (floatval($row2["ip_from"]) <= floatval($x) && floatval($row2["ip_to"]) >= floatval($x)) { echo "<img src='http://www.wjunction.com/18-server-management-help/images/flags/".strtolower($row2["ctry"]).".gif' title='".$row2["country"]."' alt='".$row2["country"]."' />"; break; } } ?></td> </tr> </table> <? } } }}if ($actuallyRan != true) { ?><table class="monitorTable monitorContent"> <tr><td style="padding-left: 10px;">No support requests are available at the moment.</td></tr></table><?}?>JsCodeInjection
Code: <?/* WHMCS Addon Live Support - Provides a way for you to instantly communicate with your customers. Copyright (C) 2010-2012 WHMCS Addon This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */@error_reporting(0);@ini_set("register_globals", "off");// Find WHMCS Directory// Set $pathPart to the folder to exclude from.$directoryFinder = explode("/", $_SERVER["SCRIPT_FILENAME"]);foreach($directoryFinder as $pathPart) { if ($pathPart != "") { if ($pathPart != "includes") { $dir .= "/".$pathPart; } else { $dir .= "/"; break; } }}require($dir."/dbconnect.php");session_start();if ($_SESSION["uid"] != "") { $uid = $_SESSION["uid"]; $utype = 1;} else { $uid = 0; $utype = 0;}/*if (isset($_SESSION["site_session"]) || isset($_COOKIE["site_session"])) { $result = mysql_query("SELECT * FROM `site_activitylogs` WHERE `session`='".$_SESSION["site_session"]."'"); while($row = mysql_fetch_array($result)) { if ($uid != $row["uid"] || $_SERVER['REMOTE_ADDR'] != $row["ip"]) { $startNew = true; } }}*/$aTime = time() - 3000;$result = mysql_query("SELECT * FROM `site_activitylogs` WHERE `ip`='".$_SERVER['REMOTE_ADDR']."' AND `lastaccess`>='".$aTime."' ORDER BY `id` ASC");//echo $_SESSION["monitor_session"];if (mysql_num_rows($result) == 1) { while($row = mysql_fetch_array($result)) { $pageFinder = explode("|", $row["pages"]); $timeFinder = explode("|", $row["timestamps"]); if ($pageFinder[count($pageFinder)-1] == $_GET["url"]) { $pages = $row["pages"]; $timeSubFinder = explode(",", $timeFinder[count($timeFinder)-1]); $ran = false; for ($x = 0; $x < count($timeFinder)-1; $x++) { if ($x > 0) { $timestamps .= "|"; } $timestamps .= $timeFinder[$x]; $ran = true; } if ($ran) { $timestamps .= "|"; } $timestamps .= $timeSubFinder[0].",".time(); } else { $pages = $row["pages"]."|".$_GET["url"]; $timestamps = $row["timestamps"]."|".time(); } $_SESSION["monitor_session"] = $row["session"]; $_SESSION["monitor_session_uid"] = $row["uid"]; } if ($_SESSION["monitor_session_uid"] && !$uid) mysql_query("UPDATE `site_activitylogs` SET `pages`='$pages', `timestamps`='$timestamps', `lastaccess`='".time()."' WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `lastaccess`>='".$aTime."'"); else mysql_query("UPDATE `site_activitylogs` SET `pages`='$pages', `timestamps`='$timestamps', `lastaccess`='".time()."', `uid`='".$uid."' WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `lastaccess`>='".$aTime."'"); $result = mysql_query("SELECT * FROM `site_script` WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `excuted`='0'"); while($row = mysql_fetch_array($result)) { mysql_query("UPDATE `site_script` SET `excuted`='1' WHERE `session`='".$_SESSION["monitor_session"]."' AND `ip`='".$_SERVER['REMOTE_ADDR']."' AND `script`='".mysql_real_escape_string($row["script"])."'"); echo $row["script"]; }} else { /*$_SESSION["site_session"] = $_SERVER["UNIQUE_ID"]; $_COOKIE["site_session"] = $_SERVER["UNIQUE_ID"];*/ $session_id_gen = sha1(uniqid(hash("md5", time()), TRUE)); if (isset($_SERVER["REMOTE_ADDR"]) && isset($_COOKIE["cookiecheck"])) { setcookie("cookiecheck", true, time() -1); mysql_query("INSERT INTO `site_activitylogs` (`uid`, `ip`, `session`, `pages`, `timestamps`, `lastaccess`) VALUES ('".$_SESSION["uid"]."', '".$_SERVER['REMOTE_ADDR']."', '".$session_id_gen."', '".mysql_real_escape_string($_GET["url"])."', '".time()."', '".time()."')") or die(mysql_error()); $_SESSION["monitor_session"] = $session_id_gen; $_SESSION["monitor_session_uid"] = $uid; } else { setcookie("cookiecheck", true, time() + 3600); }}?> 75.32.237.212 can you identify this ip?. better upgrade to vps , they will ban u again 75.32.237.212
is my friends house where I stayed to play some 360 You've likely just outgrown shared hosting, and it's time to look at VPS plans. I wouldn't suggest upgrading with hostgator though.
This is a very easy thing to fix, it is just the script that is a 3rd party of whmcs add-on chat.
The original one that is paid and not free from http://whmcsaddon.com/
and I think I might just go back on using comm100 so there is no problem. current resource is not enough for the script,and number of connection from that ip php config should have evaded that by the you cannot optimize the server its not the fault of even scripts its just the hosting resource comparing to the script is very less. An upgrade to a smaller cheap vps or a powerful shared hosting should do the trick thank you!
I think I might just switch over to comm100 if this does happen again for the live chat.